First Anniversary of GDPR Passes Quietly but Ominously

When Europe’s General Data Protection Regulation took effect a year ago, many in Australia shrugged their shoulders and said, “Nice for them, but not my problem.” But that might not be quite the case.

In California a ‘lite’ version of GDPR called the California Consumer Privacy Act has already passed into law. Can changes to Australia’s privacy laws be far behind? In a recent article for Brink, Matthew McCabe points out that “Regulators intended for the reach of the GDPR to extend far beyond the EU’s borders, with the rights granted under it following wherever an individual’s data may sprawl.

However, the GDPR has also prompted many nations to introduce comprehensive data privacy rules of their own. BrazilIndiaJapanThailandthe U.S and others have adopted laws with protections similar to those in the GDPR.”

As the first anniversary slips by, it is becoming increasingly clear that the globalisation of consumer data regulation is a new reality that will change business practices here in Australia, as elsewhere in the world.

The ‘Human Element’ in Data Breaches

At the opening event of Privacy Awareness Week, Information and Privacy Commissioner Angelene Falk released the first report since the onset of compulsory breach reporting. “Perhaps the most important insight from this report is that most data breaches, including cyber incidents, involve or exploit a human element. Whether it’s sending information to the wrong person or clicking on a phishing link, employees were centrally involved in most of the data breaches reported to the OAIC.”

She challenged businesses to move beyond a purely compliance approach. “We believe entities are now well equipped to meet their obligations and take proactive steps to prevent breaches of personal information… This means fostering a workplace culture where privacy and security are organisational priorities. We expect you to support consumers effectively, take responsibility for the impacts of a data breach, and help people mitigate the harm that may result.”

New Minister for Communications has ‘Cyber Safety’ added to his Portfolio

Under the new Morrison Government, the Hon Paul Fletcher MP becomes Minister for Communications, Cyber Safety and the Arts.  In making the announcement, Prime Minister Scott Morrison emphasised the new cyber safety aspect of the role: “As the National Broadband Network nears full roll out and social media becomes an even more prominent front in the fight to keep Australians safe, Paul Fletcher, as Minister for Communications, Cyber Safety and the Arts brings extensive experience and insight to the task.”

Mr. Fletcher has worked extensively in the communications sector since the mid-90’s as a policy adviser, as a senior executive at Optus for eight years, as a consultant serving the sector, and more recently as Parliamentary Secretary to the Minister for Communications from 2013 to 2015.